Two-Factor Authentication for Sub-Account

Comments (12)

This is needed!!! Especially if an account holder allows for sub-accounts with full control - the sub account has their own email login and therefore should also have the option to use two step auth with time based tokens (and should be mandatory - to use time based tokens on sub-account if the primary account holder activated two-step authentication)

This is a serious security risk that needs to be addressed urgently. We must all continuously improve our security protections. This change should be implemented urgently and I would urge you to escalate it to top priority for immediate action.

If you make 2FA mandatory for customers, sub-accounts can't login at all as they can't set up 2FA but are trapped in redirects to the 2FA page. This should be considered a bug not a feature request. Fix this please, WHMCS.